e4d40444566693cef299833db5deece370eb55544f26537bf7f52fcf5756edb0

Sharing

Copy URL Twitter E-mail

General

Target

e4d40444566693cef299833db5deece370eb55544f26537bf7f52fcf5756edb0
Size

196KB
MD5

fdef23ad00c56fe1029ad27de0246914
SHA1

4b552460a9f51f31e4127cc00201f207144daeaa
SHA256

e4d40444566693cef299833db5deece370eb55544f26537bf7f52fcf5756edb0
SHA512

90b83f2a16b02bdd5f0de55cd3d93f7c61917e744dc313fbb386783994d1b58b177f7b5f2b519757b470e5f6d2e73732cb6a5ac7f9b64c40d2e63e3a6270744c
SSDEEP

3072:Jgr0PLyL/YhvxjcUY2PxntF6pTG5aQYhaQC52y2STy63s9OYz3M:J5vjnYCtYVphItfu63s

Score

N/A

Malware Config

Signatures

Files

e4d40444566693cef299833db5deece370eb55544f26537bf7f52fcf5756edb0
.exe windows x86

4e53d8f4fe1e77e090df6209494fb894

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantCopyInd
VariantClear
VariantChangeTypeEx
SysStringLen
SysFreeString
SysAllocStringLen
SysReAllocStringLen

kernel32

GetCPInfo
GetSystemDirectoryA
MultiByteToWideChar
GetModuleFileNameA
FindClose
HeapAlloc
lstrcpyA
GlobalDeleteAtom
GetFileSize
GetThreadLocale
EnumCalendarInfoA
DeleteFileA
lstrcmpA
VirtualQuery
CreateEventA
GetVersionExA
SetLastError
WaitForSingleObject
RtlUnwind
GlobalAlloc
GetModuleHandleA
CreateThread
GetProcAddress
GetProcessHeap
CompareStringA
GlobalAddAtomA
SetEvent
VirtualAlloc
GetCommandLineA
LocalAlloc
GetStringTypeW
WriteFile
ReadFile
lstrlenA
GetTickCount
FindFirstFileA
TlsGetValue
LeaveCriticalSection
GetDiskFreeSpaceA
GetWindowsDirectoryA
GlobalHandle
CloseHandle
GetStartupInfoA
GetLocaleInfoA
InitializeCriticalSection
TlsSetValue
FormatMessageA
SetEndOfFile
SizeofResource
ExitProcess
SetFilePointer
SetConsoleCtrlHandler
GetStdHandle
WideCharToMultiByte
LockResource
SetErrorMode
HeapFree
LoadResource
GlobalFree
LocalFree
TlsAlloc
LoadLibraryA
FindResourceA
RaiseException
CreateFileA
GetFileType
EnterCriticalSection
DeleteCriticalSection
SetHandleCount
GetACP
FreeLibrary
lstrcpynA
GlobalReAlloc
GetCurrentProcess
InterlockedIncrement
TlsFree
GetSystemInfo
InterlockedDecrement
GlobalUnlock
WinExec
MulDiv
GetVersion
GetLastError
GetCurrentThreadId
SetThreadLocale
VirtualFree
GetLocalTime
GlobalLock
GetPrivateProfileStringA
UnhandledExceptionFilter
GetOEMCP

advapi32

RegCloseKey
RegOpenKeyExA
LookupPrivilegeValueA
RegDeleteKeyA
AdjustTokenPrivileges
RegQueryValueExA
RegOpenKeyA
RegDeleteValueA

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e53d8f4fe1e77e090df6209494fb894

Headers

File Characteristics

Imports

oleaut32

kernel32

advapi32

Sections

.text Size: 168KB - Virtual size: 166KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 168KB - Virtual size: 166KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 2KB